Qureos

Find The RightJob.

companyLogo
OQ Chemicals

Specialist Cybersecurity

POSITION DESCRIPTION:


Position Title:


Cyber security Operations JD


Reports to:


ICT Manager


Department:


ICT Department


Location:


Duqm/ Ras Markaz/ Muscat

JOB PURPOSE:


The Specialist – Cyber Security Operations safeguards OTTCO’s ICT, OMT, and OT environments by leading security operations, implementing the Minimum-Security Baseline (MSB) for networks, servers, and databases, and coordinating enterprise-wide incident response and risk management. The role ensures compliance with national regulators (e.g., OIA, NRAA) and relevant international standards, continuously reduces cyber risk through data-driven controls, tracks and optimizes direct and indirect cybersecurity costs, and delivers a pragmatic cybersecurity strategy that protects business continuity and supports OTTCO’s operational goals.

Description

The Cyber Security Operations Specialist is responsible for safeguarding the organization’s IT infrastructure and digital assets by managing and enhancing cybersecurity operations. This role involves administering and troubleshooting security solutions, overseeing CSOC activities, and ensuring timely resolution of security incidents. The specialist leads incident response processes, root cause analysis, and continuous improvement initiatives while driving cybersecurity projects such as SIEM implementation, firewall configuration, and endpoint protection. Additionally, the position requires governance of identity and access management, compliance with regulatory standards, and collaboration with internal teams and external stakeholders to strengthen security awareness and resilience across the organization.


REPORTING STRUCTURE:


Number of Staff Supervised

Direct Reports:


0


Total:


0


Key interactions

Internal: HSSE, Operations, Maintenance, Engineering, Finance, Procurement, Legal/Compliance, Records Management, Internal Audit, Corporate IT/OT teams.

External: EPC contractors, OQ/Group entities (as applicable), OEM vendors, Telecom providers, TRA/ROP (as applicable), OIA, NRAA, and other regulators/standards bodies.



Remote Job Office environment, intensive computer screen use, sporadic visits to the operation site.


  • Education: Bachelor’s degree in information security, Computer Science, Information Systems, or related field (Master’s a plus).
  • Professional certifications (one or more preferred): CISSP, CISM, GCIH, GCIA, GCFE, CEH, OSCP, ISO/IEC 27001 Lead Implementer/Lead Auditor, GICSP/GRID (for OT), or SIEM vendor certifications.
  • Change Management certification/designation (desired).

Main tasks and responsibilities


  • Security Operations & Incident Response

  • Run day-to-day cybersecurity operations and CSOC processes (monitoring, alert triage, case management, escalation, and closure).
  • Lead incident response lifecycle (prepare–detect–contain–eradicate–recover–lessons learned) and drive timely Root Cause Analysis (RCA) and corrective actions.
  • Maintain incident response plans/playbooks; conduct table-top exercises and post-incident reviews; measure MTTD/MTTR and improve year over year.
  • Coordinate with internal teams, vendors, and law enforcement/authorities as required.

2) Minimum Security Baseline (MSB) Implementation


  • Lead implementation and governance of MSB across Networks, Servers, and Databases for IT, OMT, and OT
environments.
  • Define configuration baselines (hardening, patching, logging), establish compliance thresholds, and drive remediation with owners.
  • Maintain MSB exceptions/dispensations with risk acceptance and expiry tracking.

3) Governance, Risk, and Compliance (GRC)


  • Own and maintain the Cyber Risk Register: log risks, assess likelihood/impact, assign ownership, track treatment plans and due dates.
  • Perform regular risk assessments for ICT (systems, projects, third parties), including OT/OMT assets; update risk posture and report trends.
  • Ensure alignment with regulatory requirements and international standards; prepare and support audits/assessments and close findings on time.
  • Coordinate with national regulators (e.g., OIA, NRAA) and international bodies to interpret and implement applicable regulations and standards.

4) Architecture, Engineering & Vulnerability Management


  • Administer and continuously improve security tooling: SIEM/UEBA, EDR, email security, cloud security (e.g., M365/Azure), firewalls/WAF, NAC, DLP, PAM, IDS/IPS, OT security monitoring, and vulnerability management.
  • Lead vulnerability scanning, secure configuration compliance, and patch orchestration with owners; track SLA- driven remediation.

  • Support secure solution design/reviews for projects and changes (IT/OT), ensuring “secure-by-design” and “defense- in-depth” principles.

5) Identity & Access Governance


  • Govern identity lifecycle (Joiner–Mover–Leaver), privileged access, and periodic entitlement recertifications; enforce least privilege/segregation of duties.
  • Oversee MFA, conditional access, and access logging/monitoring; investigate anomalies with SOC.

6) Business Continuity, DR & Data Protection


  • Support cybersecurity requirements for backups, disaster recovery, and OT resilience; validate through tests and exercises.
  • Ensure appropriate safeguards for sensitive data, records, and retention in line with NRAA and internal policy.

Information Security Projects: Oversee and provide support for information security projects, ensuring successful implementation and alignment with organizational goals.

7) Strategy, Financials & Reporting


  • Track cybersecurity costs (direct: tools, licenses, services; indirect: staff time, training, process overheads) and identify optimization opportunities.
  • Develop, update, and submit the Cybersecurity Strategy for OTTCO’s ICT and OT systems, including roadmap, capability maturity, and investment plan.
  • Produce management reports/dashboards on risk, incidents, MSB compliance, vulnerabilities, audit status, KPIs, and budget performance.

8) Awareness, Training & Stakeholder Management


  • Deliver cyber awareness programs/campaigns tailored to end users, admins, engineers, and executives (including OT/OMT context).
  • Coordinate with HSSE, Operations, Maintenance, and Engineering; manage vendors and service providers through SLAs and security clauses.

9) Quality, Policy & Continuous Improvement


  • Develop and maintain cybersecurity policies, standards, procedures, architecture diagrams, and security documentation.
  • Interface with internal/external audits (QA/QC), close findings, and embed lessons learned into processes and tooling.

QUALIFICATIONS, EXPERIENCE, & SKILLS:

  • + 5 years total experience in IT & Telecom; 5–8 years in Cyber Security Operations (preferably in Oil & Gas or critical infrastructure).
  • Demonstrated experience implementing SIEM/SOC, EDR, firewalls/WAF, email/cloud security, and identity governance.
  • Hands-on with MSB/baseline hardening, vulnerability management, incident response, RCA, and audit closure.
  • Exposure to OT/ICS environments and mixed IT/OT security is strongly preferred.

Project and change management experience, vendor and contract management. Soft Competencies:

  • A solid understanding of how people go through a change and the change process
  • Experience and knowledge of change management principles, methodologies and tools
  • Exceptional communication skills, both written and verbal
  • Excellent active listening skills
  • Ability to clearly articulate messages to a variety of audiences
  • Ability to establish and maintain strong relationships
  • Ability to influence others and move toward a common vision or goal
  • Flexible and adaptable; able to work in ambiguous situations
  • Resilient and tenacious with a propensity to persevere
  • Looking forward with a holistic approach
  • Organized with a natural inclination for planning strategy and tactics
  • Problem solving and root cause identification skills
  • Able to work effectively at all levels in an organization
  • Must be a team player and able to work collaboratively with and through others
  • Acute business acumen and understanding of organizational issues and challenges

Technical Competencies
  • Security Operations: SIEM (e.g., Microsoft Sentinel/Splunk), SOAR, UEBA, EDR (e.g., Defender for Endpoint), IDS/IPS, DLP, PAM, NAC, vulnerability scanners.
  • Network/Perimeter: Firewalls, WAF, segmentation/micro-segmentation, VPN, DNS security, proxy, email security gateways.
  • Cloud & Microsoft Security: M365/Azure security, identity protection, conditional access, data/classification, AIP/MIP, Sentinel, Defender suite.
  • OT/OMT Security: ICS/SCADA fundamentals, asset discovery, network zoning, passive monitoring, safe patching, vendor remote access.
  • IAM & PAM: RBAC, SoD, MFA, lifecycle automation, privileged session management.
  • Standards & Frameworks: ISO/IEC 27001/27002, NIST CSF, NIST SP 800‑53/800‑82 (ICS), IEC 62443 (OT), MITRE ATT&CK/ATT&CK for ICS.
  • Scripting & Automation: PowerShell and/or Python for data collection, enrichment, and response automation.

Documentation: System security plans, network diagrams, runbooks/playbooks, risk and compliance artifacts..

Similar jobs

InterTech LLC logo
Network Security Expert

InterTech LLC

Muscat, Oman

2 days ago

Nets-international Communication logo
Cisco Umbrella Security

Nets-international Communication

Muscat, Oman

2 days ago

© 2026 Qureos. All rights reserved.

Term of usePrivacy policy